More than 50,000 driving licences have been leaked online, sparking warnings from experts that hackers can use the information to apply for credit cards and loans. Ukrainian security consultant Bob Diachenko stumbled upon the folder of PDF and JPG files containing 108,535 scanned images of over 54,000 NSW licences. He also discovered another folder containing Roads and Maritime Services toll notice statutory declarations. The data was stored on an Amazon cloud storage service and contained phone numbers, addresses and birth dates – all of which were available for public view. ‘More than 50K scanned driver licenses (front+back) and toll notices exposed in a misconfigured…
ISBuzz Team
Another week, another misconfigured AWS S3 bucket as security researchers have discovered a misconfigured AWS S3 bucket exposing sensitive files related to SSL247, a reseller of internet security products. The leaky database exposed the personal information of up to 350,000 customers (150 GB), who made purchases through SSL247 between 2012-2020. The data breach affected customers in South America, the Middle East, North America, Europe, and Africa.
Researchers from White Ops Satori Threat Intelligence & Research team have warned about more than 40 apps that promise free shoes, but actually infect your smartphone with dangerous malware. If downloaded, the malware, dubbed TERRACOTTA, can be used to generate fraudulent ad impressions and bombard your smartphone with annoying ads.
Research released today by Check Point, revealing that the QBot Trojan operators are using new tactics to hijack legitimate, emailed conversations in order to steal credentials and financial data.
The US authorities arrested and charged a Russian national in US who was recruiting and convincing a Tesla’s employee to install a malware at Tesla factory in Nevada. The Telsa CEO Elon Musk also confimed the plot by tweet.The cybersecurity experts reacted on this new plot.
The increasing number of cyber incidents against commercial vessels and port authorities has led the US Coast Guard to publish updated guidelines for mitigating cyber risks and vulnerabilities in the shipping sector. In March 2020, the US Coast Guard issued new “Guidelines for Addressing Cyber Risks at Maritime Transportation Security Act (MTSA)-regulated facilities”. The Guidelines are intended to assist facility owners and operators in complying with the requirements to assess, document, and address system and network risks. The Maritime Cybersecurity Guidelines were mandated by the increasing number of cybersecurity incidents on shipping companies as well as port facilities. But the…
Increasingly, digital transformation and customer expectations are driving organizations to employ creative approaches to serving the needs of a diverse mix of end users and experiences. From telemedicine to online banking, real-time APIs are the foundation upon which digital business is built, allowing app developers to create apps that can serve the needs of their customers. With the explosion of apps in the digital world that are served instantly by APIs, the need to rapidly detect and protect API breaches becomes critical. APIs form the chassis for modern applications. They are everywhere, enabling developers to obtain valuable information from other software components…
The coronavirus pandemic has drastically changed people’s everyday lives and limited their options. However, cybercriminals have capitalized on this unprecedented situation. Here are five sectors at an increased risk of cyberattacks during COVID-19. 1. Health Care The health care sector was a top target for cybercriminals before the pandemic hit. Researchers found many escalated their efforts to capitalize on the urgency and challenges posed by the novel coronavirus outbreak. Attackers want to exploit existing weaknesses, knowing that doing so now would prove especially devastating to the affected organizations. Many also targeted health care workers by orchestrating phishing emails that promised legitimate…
The Luminate Education Grouo (LEG) t have been hit by a cyber-attack, affecting thousands of students. Luminate Education Group (LEG), which includes Leeds City College (LCC), said the attack had caused “operational disruption” to its IT infrastructure.
Social media research group Graphika identified a Twitter botnet of around 3,000 bots deployed to echo pro-Chinese political message released through state propaganda accounts. The botnet is identified by quick sharing of the message and using the same tweet style. Cybersecurity experts commented below on the danger of using these botnets for malicious purposes. https://twitter.com/DemopJ/status/1298806626309345286